package servlet;

import bean.User;
import dao.HibernateUserDao;
import interfaces.UserDao;
import java.io.IOException;
import java.util.List;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.LogFactory;

/**
 *
 * @author yakimovich
 */
//@WebServlet(name = "AuthUser", urlPatterns = {"/AuthUser"})
public class AuthUser extends HttpServlet {

    private static org.apache.commons.logging.Log logger = LogFactory.getLog(AuthUser.class);
    private RequestDispatcher dispatcher;

    /**
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        String login = request.getParameter("login");
        String password = request.getParameter("password");

        if ((login == null) || (password == null) || ("".equals(login)) || ("".equals(password))) {
            request.setAttribute("error", "Invalid login or password");
            dispatcher = getServletContext().getRequestDispatcher("/login.jsp");
            dispatcher.forward(request, response);
        } else {

            UserDao userDao = new HibernateUserDao();
             User user = null;
            try{
            user = userDao.findByLogin(login);
            } catch (IllegalArgumentException e){
                logger.error(this, e);
                request.setAttribute("error", "User with such login and password does not exist");
                dispatcher = getServletContext().getRequestDispatcher("/login.jsp");
                dispatcher.forward(request, response);
            }

            if (user == null || !password.equals(user.getPassword())) {
                request.setAttribute("error", "invalid login or password");
                dispatcher = getServletContext().getRequestDispatcher("/login.jsp");
                dispatcher.forward(request, response);
                
            } else if (user.getRole().getName().equalsIgnoreCase("Admin")) {
                HttpSession session = request.getSession(true);
                session.setAttribute("id", user.getId());
                session.setAttribute("role", user.getRole().getName());
                session.setAttribute("firstName", user.getFirstName());
                session.setAttribute("lastName", user.getLastName());
                List<User> users = userDao.findAll();
                session.setAttribute("users", users);
                dispatcher = getServletContext().getRequestDispatcher("/adminPage.jsp");
                dispatcher.forward(request, response);
                
            } else if (user.getRole().getName().equalsIgnoreCase("User")) {
                HttpSession session = request.getSession();
                session.setAttribute("role", user.getRole().getName());
                session.setAttribute("firstName", user.getFirstName());
                session.setAttribute("lastName", user.getLastName());
                dispatcher = getServletContext().getRequestDispatcher("/helloUser.jsp");
                dispatcher.forward(request, response);
            }
        }
    }
}
